Add support for using Api as a user not a bot via OAuth #5533
Unanswered
grofit
asked this question in
API Feature Requests & Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Summary
The API exposes lots of useful functionality for end users that should be able to be used progmatically without the need of a bot, for example a user may want to be able to change their status code via a 3rd party application or even receive or send messages using the api via a 3rd party applications.
Use Cases
In my scenario I maintain an open source automation tool which hooks into 3rd party systems like twitch, twitter, obs etc where users setup flows to automate things. For example they may want to automatically react to a
!clip
command in twitch chat to create a clip then post the url to the created clip in their discord channel. (example shown below)There are plenty of other use cases like posting a message when going live or changing their status message when going live or thanking a user for a gift in their discord channel etc. It would also be great to allow the user to mute/unmute their mic or deafen automatically (api doesnt seem to support this and RPC is deprecated) as thats a common use case for OBS where a user wants to press a button and go afk and auto mute/unmute etc, but thats not available via API currently anyway.
More Info
After hours of searching over docs and talking in the Discord Dev channels it became apparent that while you may have a user oauth and allow you access to discord and the API, you cannot seem to do anything with these permissions, and if you do try to do anything I am told it is classed as "self botting" which is against terms.
I am sure there is a reason why this stance has been taken but given this approach builds on top of the existing Oauth flow which requires a user to approve the application to act on their behalf I cannot see why someone is restricted from using the API this way as you have signed off on the scopes being requested and its your data/account.
Using Twitch as an example you can oauth with their system and do all of the above use cases examples on behalf of the user without issue (assuming you are granted the correct scopes by the user), same with Twitter etc, it doesn't make sense to me as to why Discord restricts an end user from being able to make use of the API directly on their own account.
While everyone so far has said you should just be using bots for this, there is a lot of extra work for an end user to setup for this, as well as extra work as a developer to create a bot to work with multiple clients etc and also I as the bot author am then liable for whatever the bot does, however its the users account and their responsibility to ensure they use the api calls correctly so allowing the end user to do things seems the correct approach for this use case.
Beta Was this translation helpful? Give feedback.
All reactions